CVE-2019-10954

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:armor_compact_guardlogix_5370:-:*:*:*:*:*:*:*

History

20 Jun 2023, 15:15

Type Values Removed Values Added
References
  • (MISC) https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979 -
CWE CWE-787 CWE-121
Summary An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 to 30.014 and earlier. An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.

Information

Published : 2019-05-01 19:29

Updated : 2024-02-28 17:08


NVD link : CVE-2019-10954

Mitre link : CVE-2019-10954

CVE.ORG link : CVE-2019-10954


JSON object : View

Products Affected

rockwellautomation

  • compact_guardlogix_5370
  • compactlogix_5370_l2_firmware
  • compactlogix_5370_l2
  • compactlogix_5370_l3_firmware
  • compactlogix_5370_l3
  • compact_guardlogix_5370_firmware
  • armor_compact_guardlogix_5370_firmware
  • compactlogix_5370_l1
  • compactlogix_5370_l1_firmware
  • armor_compact_guardlogix_5370
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write